Lately, on several different PHP forums, the user HelenVBeden, along with a slew of other user names, has appeared on different forums. I first noticed it on my WoW guild forums, but I've caught it in other non-WoW forums. Does anyone have any idea how to circumvent this virus? It just spams different public access threads (though I believe it has access to all threads) and posts random URLs. Has anyone else experienced something similar? Any help would be much appreciated.

I don't think it's related to PHP in any way. It's just bots that love to spam. There is little you can do besides banning them. We get plenty of spam here as well, some filtered by the spamfilter, most has to be manually deleted though.

I've found several PHP virus' in a search, but they all would have to have been executed on the server hosting the forum. I didn't notice any yet that resulted in a spamming of forums, but I haven't done a detailed search of these virus' yet either. The name most likely recurs across many forums, because it is generated and re-used by the organization which engages in this activity. I think it is more likely an outside attack by an automated system, rather than an internal virus.

I've found several PHP virus' in a search, but they all would have to have been executed on the server hosting the forum. I didn't notice any yet that resulted in a spamming of forums, but I haven't done a detailed search of these virus' yet either. The name most likely recurs across many forums, because it is generated and re-used by the organization which engages in this activity. I think it is more likely an outside attack by an automated system, rather than an internal virus.

That's what I was thinking as well, except for it has managed to get past two forms of security: accepting an e-mail that allows access (not a big surprise) and actually getting past moderator approval for forum access. It also changes domains all the time, much to my chagrin, so simply banning the domain isn't good enough. I think we may have found a fix in allowing them to keep member access, but remove their posting privileges. When you remove the user entirely, the same behavior begins under a new member from a different domain. However, allowing the user to remain (but still removing their posting capabilities) seems to fix the problem for now.

Just Spambots and Spammers. Otherwise known as Bastards. If it wasnt for the anti-spam in these forums, I wouldnt mind having a bet that there would be 100's of Spam posts every day!